Microsoft products pass Adobe in vulnerabilities exploited by cybercriminals
Microsoft Corp. products have become the most popular attack vector for cybercriminals as use of Adobe Systems Inc. products, specifically the Flash multimedia player, has declined, a new report from Recorded Future Inc. has found.
The “Soft Target: The Top 10 Vulnerabilities Used by Cybercriminals” report found that Microsoft products accounted for seven of the top 10 vulnerability exploits adopted by exploit kits and phishing campaigns in 2017. Adobe Flash, which previously dominated the list, now has only three vulnerabilities in the top 10.
Among the exploit kits studied, three vulnerabilities exploited in 2017 were also exploited in 2016 — the first time researchers found high-level vulnerabilities that were attacked over multiple years. One example cited is CVE-2016-0189, a scripting engine memory corruption vulnerability that was first popular in 2016 and remained so in 2017.
In good news, exploit kits saw a 62 percent decline in development during 2017, with only a few specific kits such as AKBuilder, Disdain and Terror seeing significant activity. The report attributed the decline to multiple factors, such as more specific victim targeting, shifts to more secure browsers and a rise in cryptocurrency mining malware.
“Our analysis of open, deep and dark web sources identified a shift in preference from Adobe to Microsoft consumer product exploits,” the researchers said. “Criminal exploit kits and phishing campaigns favored Microsoft products in 2017… in stark contrast to our previous rankings which saw consistent exploitation of Adobe Flash vulnerabilities.”
The rise in cryptocurrency mining malware, cited by other security firms as well, featured prominently in the report. “Exploit kits are declining as criminal efforts have adapted,” it noted. “This comes as cryptocurrency mining malware popularity rose in the past year. Profiting from cryptocurrency mining has its advantages, including less time spent on collecting victim ransomware payments and the avoidance of rising bitcoin transaction fees.”
For enterprise users, the report said that “official vulnerability databases and even scanning tools cannot arm organizations with one key metric: the overlap between the vulnerabilities in the systems you use and the ones that are being actively exploited by threat actors.”